Accepted gallery 1.2.5-8woody3 (all source)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 4 Jan 2004 16:30:00 -0100
Source: gallery
Binary: gallery
Architecture: source all
Version: 1.2.5-8woody3
Distribution: stable-security
Urgency: high
Maintainer: Adam Lazur <zal@debian.org>
Changed-By: Uli Martens <uli@youam.net>
Description:
gallery - a web-based photo album written in php
Changes:
gallery (1.2.5-8woody3) stable-security; urgency=high
.
* Non-maintainer upload for the Security Team
* Fix cross-site scripting vulnerability in include parameter
[index.php, CAN-2004-1106]
* Added dbhost and GLOBALS to sensitive list [init.php, CAN]
* Check for imported variables via $_REQUEST and $_FILES as well
[init.php, CVE-NOMATCH]
Files:
f789c8198ba2b859cfb5cca31aaf6dcd 573 web optional gallery_1.2.5-8woody3.dsc
6acd9ee257ddad8c2ffa568b5540e9fe 7908 web optional gallery_1.2.5-8woody3.diff.gz
3527d050800873dc990c1d002478aa7e 133126 web optional gallery_1.2.5-8woody3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFB62QkW5ql+IAeqTIRAo72AJ46MJ0n2c2DtWGJlErg1TT3CJkBpACeKzkb
K1mMK+ZImuSNxhbJTy0eN0M=
=Enlv
-----END PGP SIGNATURE-----
Accepted:
gallery_1.2.5-8woody3.diff.gz
to pool/main/g/gallery/gallery_1.2.5-8woody3.diff.gz
gallery_1.2.5-8woody3.dsc
to pool/main/g/gallery/gallery_1.2.5-8woody3.dsc
gallery_1.2.5-8woody3_all.deb
to pool/main/g/gallery/gallery_1.2.5-8woody3_all.deb
Reply to: